<?php
require_once('../../auth/auth.php');

//get values from POST
	$title=$_POST['title'];        
	$firstname=$_POST['firstname'];    
 	$lastname=$_POST['lastname'];    
	$passwd1=$_POST['passwd1'];    
	$passwd2=$_POST['passwd2'];  
	 
include 'db_Connect.php';
	
	//Input Validations
	if($passwd1 == '' || $passwd2 == '') {
		$errmsg_arr[] = 'Password missing';
		$errflag = true;
		echo "Password Missing";
	} else {		
		if ($passwd1 == $passwd2){			
			$passwdChange = "UPDATE members SET  passwd='".SHA1($passwd1)."' WHERE member_id='".$_SESSION['SESS_MEMBER_ID']."'";
			$sql_passwd = mysql_query($passwdChange);	//user update executes
			
			if($sql_passwd){
				echo("<br>Password update succeeded");

			} else{
				echo("<br> Password update failed");
			}
		} else {			
		$errmsg_arr[] = 'Passwords do not match';
		$errflag = true;
		echo "Passwords do not match";
		}		
	}    
	
$user = "UPDATE members SET title='".$title."', firstname='".$firstname."', lastname='".$lastname."' WHERE member_id='".$_SESSION['SESS_MEMBER_ID']."'";
$result = mysql_query($user);	//user update executes

if($result){
	echo("<br>User update succeeded");
         $_SESSION['SESS_TITLE'] = $title;
			$_SESSION['SESS_FIRST_NAME'] = $firstname;
			$_SESSION['SESS_LAST_NAME'] = $lastname;
	header("Location:../userProfile.php");
} else{
	echo("<br> User update failed");
}

include 'db_Close.php';
?>

